First issue: you're not clear what you're actually comparing. Flash is more than just videos, as is HTML5. Are you comparing them as video platforms, gaming platforms, or something else?

When you're comparing security, what are you basing the security on? There's security of the media itself (preventing downloads, ensuring only authorized people can watch it, encryption of the data) and there's security of the mechanism for the client machine, among others.

HTML5 will, of course, have less overhead than flash.

I have no idea what you mean by documentation. HTML5 is very thoroughly documented as a standard.

HTML5 doesn't require PHP, though you generally need a server-side language of some sort. However, to serve up flash, it's going to be embedded in a web documented with all the HTML stuff anyway, so FLASH clearly loses.

Also, you didn't compare the cost of development platforms: HTML5 is free, Flash is not.